diff --git a/home/.chezmoiscripts/universal/run_before_01-disconnect-warp.sh.tmpl b/home/.chezmoiscripts/universal/run_before_01-disconnect-warp.sh.tmpl new file mode 100644 index 00000000..f45fa965 --- /dev/null +++ b/home/.chezmoiscripts/universal/run_before_01-disconnect-warp.sh.tmpl @@ -0,0 +1,20 @@ +{{- if (ne .host.distro.family "windows") -}} +#!/usr/bin/env bash +# @file Disconnect from WARP +# @brief Disconnects from CloudFlare Teams / WARP +# @description +# This script detects for the presence of the `warp-cli` and the WARP connection status. If `warp-cli` is installed +# and WARP is connected, then the service is disconnected. This feature is here to ensure programs such as `volta` +# which do not support custom CA certificates can still function properly. + +{{ includeTemplate "universal/profile-before" }} +{{ includeTemplate "universal/logg-before" }} + +if command -v warp-cli > /dev/null; then + if warp-cli status | grep 'Connected' > /dev/null; then + logg info 'Disconnecting from CloudFlare Teams / WARP due to Volta ignoring CA specified in NPM configuration' + warp-cli disconnect + fi +fi + +{{ end -}} \ No newline at end of file diff --git a/home/.chezmoiscripts/universal/run_onchange_after_14-cloudflare.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_97-cloudflare.sh.tmpl similarity index 100% rename from home/.chezmoiscripts/universal/run_onchange_after_14-cloudflare.sh.tmpl rename to home/.chezmoiscripts/universal/run_onchange_after_97-cloudflare.sh.tmpl diff --git a/home/dot_local/bin/executable_install-program b/home/dot_local/bin/executable_install-program index 76d7263b..5790990c 100644 --- a/home/dot_local/bin/executable_install-program +++ b/home/dot_local/bin/executable_install-program @@ -585,9 +585,9 @@ async function afterInstall(packageManager) { log('info', logStage, `Ensuring temporary passwordless sudo privileges used by Ansible are removed`) const gsed = which.sync('gsed', { nothrow: true }) if (gsed) { - await $`sudo gsed -i '/# TEMPORARY FOR ANSIBLE INSTALL/d' /etc/sudoers` + await $`sudo gsed -i '/# TEMPORARY FOR INSTALL DOCTOR/d' /etc/sudoers` } else { - await $`sudo sed -i '/# TEMPORARY FOR ANSIBLE INSTALL/d' /etc/sudoers` + await $`sudo sed -i '/# TEMPORARY FOR INSTALL DOCTOR/d' /etc/sudoers` } } else if (packageManager === 'apk') { } else if (packageManager === 'apt') { @@ -737,7 +737,7 @@ async function beforeInstall(packageManager) { } } else if (packageManager === 'ansible') { log('info', logStage, `Temporarily enabling passwordless sudo for Ansible role installations`) - await $`echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR ANSIBLE INSTALL" | sudo tee -a /etc/sudoers` + await $`echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers` log('info', logStage, 'Running Ansible setup task so facts are cached') const unbuffer = which.sync('unbuffer', { nothrow: true }) let unbufferPrefix = '' diff --git a/local/provision.sh b/local/provision.sh index 0afaf630..89d938e0 100644 --- a/local/provision.sh +++ b/local/provision.sh @@ -13,6 +13,13 @@ if [ ! -d "${XDG_DATA_HOME:-$HOME/.local/share}/megabyte-labs" ]; then mkdir -p "${XDG_DATA_HOME:-$HOME/.local/share}/megabyte-labs" fi +### Disconnect from WARP, if connected +if command -v warp-cli > /dev/null; then + if warp-cli status | grep 'Connected' > /dev/null; then + warp-cli disconnect && echo "Disconnected WARP to prevent conflicts" + fi +fi + # @description Installs glow (a markdown renderer) from GitHub releases # @example installGlow installGlow() { diff --git a/scripts/provision.sh b/scripts/provision.sh index 74137065..bd85ce8b 100644 --- a/scripts/provision.sh +++ b/scripts/provision.sh @@ -67,6 +67,13 @@ if [ -n "$CI" ]; then export WORK_ENVIRONMENT=false fi +### Disconnect from WARP, if connected +if command -v warp-cli > /dev/null; then + if warp-cli status | grep 'Connected' > /dev/null; then + warp-cli disconnect && echo "Disconnected WARP to prevent conflicts" + fi +fi + # @description Detect `START_REPO` format and determine appropriate git address, otherwise use the master Install Doctor branch if [ -z "$START_REPO" ]; then START_REPO="https://github.com/megabyte-labs/install.doctor.git" @@ -157,7 +164,6 @@ fi # @description Add current user to /etc/sudoers so that headless automation is possible if ! sudo cat /etc/sudoers | grep '# TEMPORARY FOR INSTALL DOCTOR' > /dev/null; then echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers - REMOVE_TMP_SUDOERS_MACOS=true fi # @section Qubes dom0 Bootstrap diff --git a/scripts/src/provision.sh.tmpl b/scripts/src/provision.sh.tmpl index 7af148aa..e0cfadb6 100644 --- a/scripts/src/provision.sh.tmpl +++ b/scripts/src/provision.sh.tmpl @@ -67,6 +67,13 @@ if [ -n "$CI" ]; then export WORK_ENVIRONMENT=false fi +# @description Disconnect from WARP, if connected +if command -v warp-cli > /dev/null; then + if warp-cli status | grep 'Connected' > /dev/null; then + warp-cli disconnect && echo "Disconnected WARP to prevent conflicts" + fi +fi + # @description Detect `START_REPO` format and determine appropriate git address, otherwise use the master Install Doctor branch if [ -z "$START_REPO" ] && [ -z "$REPO" ]; then START_REPO="https://github.com/megabyte-labs/install.doctor.git" @@ -99,7 +106,6 @@ fi # @description Add current user to /etc/sudoers so that headless automation is possible if ! sudo cat /etc/sudoers | grep '# TEMPORARY FOR INSTALL DOCTOR' > /dev/null; then echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers - REMOVE_TMP_SUDOERS_MACOS=true fi # @section Qubes dom0 Bootstrap